Privacy Policy - Cape Hearing Aids

CAPE HEARING AIDS COMPANY SECRETARY PROCESSING NOTICE

1.PURPOSE OF THIS NOTICE AND TERMS USED

1.1 In order to do business, CAPE HEARING AIDS – <** REGISTRATION NO **> (“we”, ”us”, “CAPE HEARING AIDS ” or “the company”) in our capacity as a Responsible Party, will have to process Personal Information, and in doing so, will have to comply with a law known as the Protection of Personal Information Act, 4 of 2013 (hereinafter referred to as “POPIA”), which regulates and controls the processing of a legal entity’s and/or an individual’s Personal Information in South Africa, (hereinafter referred to as a “Data Subject”), which processing includes the collection, use, and transfer of a Data Subject’s Personal Information.

1.2 In terms of POPIA, where a Responsible Party processes a Data Subject’s Personal Information, such processing must be done in a lawful, legitimate and responsible manner and in accordance with the provisions, principles and conditions set out under POPIA.

1.2 In order to comply with POPIA, a Responsible Party processing a Data Subject’s Personal Information must:

1.2.1 provide the Data Subject with a number of details pertaining to the processing of the Data Subject’s Personal Information, before such information is processed; and

1.2.2 get permission or consent, explicitly or implied, from the Data Subject, to process his / her / its Personal Information, unless such processing: ♣ is necessary to carry out actions for the conclusion or performance of a contract to which the Data Subject of the Personal Information is a party; ♣ is required in order to comply with an obligation imposed by law; or ♣ is for a legitimate purpose or is necessary to protect the legitimate interest (s) and/or for pursuing the legitimate interests of i) the Data Subject; ii) the Responsible Party; or iii) that of a third party to whom the Personal Information is supplied; or • is necessary for the proper performance of a public law duty.

1.3 In accordance with the requirements of POPIA, and because your privacy and trust is important to all at CAPE HEARING AIDS, we set out below how we, CAPE HEARING AIDS and more importantly the Company Secretary Department collect, use, and share your Personal Information and the reasons why we need to use and process your Personal Information.

2.APPLICATION

2.1 This CAPE HEARING AIDS; COMPANY SECRETARY PROCESSING NOTICE applies to the following persons:

– 1 –

2.1.1 Potential or actual CAPE HEARING AIDS directors, trustees, executives and/or committee members.

2.1.2 Potential or actual CAPE HEARING AIDS security holders or shareholders.

2.1.3 other persons or legal entities whose Personal Information is processed by the CAPE HEARING AIDS Company Secretary Department, such as securities service providers, exchanges, and stakeholders.

3.PURPOSE FOR PROCESSING YOUR PERSONAL INFORMATION

3.1 Your Personal Information will be processed by CAPE HEARING AIDS for the following purposes:

SUMMARY OF THE PURPOSE OF COLLECTION

Lawfulness

Consent required

Due diligence purposes – legitimate purpose: To carry out a due diligence before we decide to engage or interact with you or to do business with you, including obtaining and verifying your credentials, such as your business details, your medical and health history and related records, education and employment history and qualifications, in the case of any directorship or executive position, as well as your credit and financial status and history, tax status, and B-BBEE status. Lawfulness – YES

Consent required – NO

Contract purposes – assessment and conclusion of a contract: To investigate whether we are able or willing to conclude a contract with you based on the findings of any due diligence detailed above, and if the assessment is in order, to conclude a contract with you, be it in relation to our securities or shares or in relation to an appointment as a CAPE HEARING AIDS director, trustee or executive, and in order to manage such relationship.

Lawfulness – YES

Consent required – YES

Attending to administration and financial matters – conclusion of a contract and legitimate interest: To manage and operate the activities of CAPE HEARING AIDS , including providing director, trustee or executive and/or shareholder details to third parties, including banks, regulators and trading partners and service providers, to administer company secretarial records, books, records, accounts or profiles related to you as a director, trustee, executive or a securities CAPE HEARING AIDS CO-SEC PROCESSING NOTICE 2021 Page 3 holder or shareholder including registrations, subscriptions, issuing of share scripts, documenting and recording the purchase, sale and issuing of shares or securities, sending out meeting agendas and notices, recording meeting minutes and resolutions, attending to billing fees, costs and charges, carrying out calculations, quoting, invoicing, receiving payments or paying dividends or refunds, attending to tax payment, paying executive, trustee or director fees or expenses, and related taxes on their behalf, and performing reconciliations and financial management in general. Lawfulness – YES Consent required – YES

Communications – legitimate purpose: To contact you and to communicate with you generally or in respect of our or your requirements, or instructions.

Lawfulness – YES

Consent required – NO

Risk assessment and anti-bribery and corruption matters – legitimate purpose: To carry out organizational and enterprise wide risk assessments, and due diligences, in order to detect and prevent bribery, corruption, fraud and abuse, to comply with ABC laws, as well as to identify and authenticate your access to and to provide you with access to our goods and services or premises

– 2 –

where applicable, and generally to ensure the security and protection of all persons including employees, and persons when entering or leaving the CAPE HEARING AIDS sites and operations or facilities and/or to exercise our rights and to protect our and others’ rights and/or property, including to take action against those that seek to violate or abuse our assets, systems, services, customers or employees and/or other third parties where applicable.

Lawfulness – YES

Consent required – NO

Legal obligations, litigation, insurance and public duties: To comply with the law and legal obligations, including the requirement to register with regulators, obtain and hold permits and certificates, register for VAT, Tax, PAYE, SDL, COIDA and UIF etc. and to pay levies and fees due in respect thereof, by CAPE HEARING AIDS or others, to submit legal or statutory reports or provide various regulatory or statutory notices or returns, to litigate and/or to pursue or defend legal claims or collections, to attend to insurance claims and related procedures, to respond to a request or order from a SAPSS official, investigator or court official, regulator, or public authority. Lawfulness – YES

Consent required – NO

Business and operational issues – compliance with law and manage the contract: To communicate, enforce and ensure that you comply with any applicable policies and procedure which pertain to and apply to directors. Trustees, executives or shareholders, conducting investigations and incident response activities, including reviewing your communications in these situations in accordance with relevant internal policies and applicable law.

Lawfulness – YES

Consent required – NO

Occupational health – compliance with laws: To manage in the case of directors, executives and trustees, occupational health and absence and fitness for roles and notifying family members in emergencies.

Lawfulness – YES

Consent required – NO

Travel – contractual: To facilitate business travel, travel-related support including conference attendance, bookings, and emergency support services.

Lawfulness – YES

Consent required – NO

B-BBEE – compliance with laws: To comply with B-BBEE and monitor or report B-BBEE opportunities and related diversity issues, including but not limited to age, gender, ethnicity, nationality, religion, disability, sexual orientation, and marital or family status. Lawfulness – YES

Consent required – NO

Security purposes – legitimate purpose and to comply with laws: To permit you access to our offices, facilities, manufacturing or parking areas, as well as to controlled areas, for the purposes of monitoring via CCTV, your interaction and access in and from our facilities described above, and for general risk management, security and emergency incident control purposes as well as for data and cybersecurity purposes.

Lawfulness – YES

Consent required – NO

Marketing and electronic communications related thereto – consent required: To provide you with communications regarding us, our goods and services and or other notifications, programs, events, or updates that you may have registered or asked for, and to send you offers, advertising, and marketing materials, including providing personalized advertising to you, save where you have opted out of this activity.

Lawfulness – YES

Consent required – YES

– 3 –

Internal research and development purposes: To conduct internal research and development for new content, products, and services, and to improve, test, and enhance the features and functions of our current goods and services.

Lawfulness – YES

Consent required – NO

Sale, merger, acquisition, or other disposition of our business – our Legitimate interest: To proceed with any proposed or actual sale, merger, acquisition, or other disposition of our business (including in connection with any bankruptcy or similar proceedings).

Lawfulness – YES

Consent required – NO

WHAT PERSONAL INFORMATION OR INFORMATION DO WE COLLECT FROM YOU? To engage and/or interact with you, for the purposes described above, we will have to process certain types of your Personal Information, as described below:

Contact information such as: Name, Alias, Address, Identity number, Passport number, Security number, Phone number, Cell phone number, Social media user ID, Email address, and similar contact data, Serial numbers of equipment, Medical Aid Number, and other contact information including details of your employer, directorships, memberships or affiliations, your status with an organization, and similar data, which are required for various legitimate interest, contractual and/or lawful reasons.

Lawfulness – YES

Consent required – NO

Specific identifiers such as: Ear impression, race (B-BBEE), medical history including any medical conditions, and financial, credit, deviant and criminal history (to protect our legitimate interests and to perform risk assessments), which are required in order to protect legitimate interests, comply with legal obligations or public legal duties, and/or in order to accommodate you within the CAPE HEARING AIDS facilities.

Lawfulness – YES

Consent required – NO

Financial and account Information, such as billing address, billing contact details, medical aid numbers, and similar data, tax numbers and VAT numbers, banking details and similar data, which are required to perform contractual matters and to comply with laws.

Lawfulness – YES

Consent required – NO

Your Image, such as: still pictures, video, voice, and other similar data, which are required to perform contractual matters and/or in order to accommodate you within the CAPE HEARING AIDS facilities.

Lawfulness – YES

Consent required – NO

Career, Education, and Employment Related Information, in the case of directors, trustees and executives, such as work performance and history, nationality and immigration status, demographic data, disability-related information, professional licensure information and related compliance activities, accreditations and other accolades, education history (including schools attended, academic degrees or areas of study, academic performance, and rankings), and similar data, which are required for contractual related matters or which are required to comply with laws and public duties.

Lawfulness – YES

Consent required – NO

– 4 –

Health records, related to hearing or associated information. In the case of directors, trustees and executives, such as medical status and history, examinations, blood type, medial aid history, disability-related information, biometrics, medicals, psychometrics and similar data, which are required for contractual related matters, or which are required to comply with laws and public duties.

Lawfulness – YES

Consent required – NO

5. SOURCES OF INFORMATION – HOW AND WHERE DO WE COLLECT YOUR PERSONAL INFORMATION FROM

5.1 Depending on your requirements, we will collect and obtain Personal Information about you either directly from you, from certain third parties, or from other sources which are described below:

Direct collection: You provide Personal Information to us when you:

• express an interest in us;

• respond to our communication sent to you;

• make contact with or interact with us;

• become a CAPE HEARING AIDS director, shareholder, trustee or executive; • enquire about, or search for us or our goods or services;

• create or maintain a profile or account with us;

• conclude a contract with us;

• purchase or subscribe to our goods or services, including our shares or securities; • register for or attend one of our events or locations;

• request or sign up for information, including marketing material.

• communicate with us by phone, email, chat, in person, or otherwise.

Automatic collection: We collect Personal Information automatically from you when you: • search for, visit, interact with, or use our websites or social media portals or platforms; • use our goods or services (including through a device);

• access, use, or download content from us;

• open emails or click on links in emails or advertisements from us;

• otherwise interact or communicate with us (such as when you attend one of our events or locations, when you request support or send us information, or when you mention or post to our social media accounts).

Collection from third parties: We collect Personal Information about you from third parties, such as:

• those who have a relationship with you;

• regulators, professional or industry organizations and certification / licensure agencies that provide or publish Personal Information related to you;

• third parties and affiliates who deal with or interact with us or you;

• service providers and business partners who work with us and that we may utilize to deliver certain content, products, or services;

• marketing, sales generation, and recruiting business partners;

• SAPS, Home Affairs, Credit bureaus and other similar agencies;

• other government agencies, regulators and others who release or publish public records; • other publicly or generally available sources, such as social media sites, public and online websites, open databases, and data in the public domain.

– 5 –

HOW WE SHARE INFORMATION We share your Personal Information for the purposes set out in this Company Secretary Processing Notice with the following categories of recipients:

CAPE HEARING AIDS employees, directors, trustees, executives and affiliates. We may share your Personal Information amongst Medical professionals, Medical Aids and their employees or associates, our employees, directors, trustees, executives and affiliates and the companies within CAPE HEARING AIDS for business and operational purposes.

Lawfulness – YES

Consent required – YES

Business Partners. We may share your Personal Information with our business partners. Lawfulness – YES

Consent required – YES

Third Party Service Providers. We may share your Personal Information with our third-party service providers to perform tasks on our behalf and which are related to our relationship with you.

Lawfulness – YES

Consent required – YES

IT and Cyber Third-Party Service Providers. We may share your Personal Information with our cyber service providers to perform tasks on our behalf and which are related to our relationship with you.

Lawfulness – YES

Consent required – YES

PR Agencies and Advertisers. We may share your Personal Information with advertisers, advertising exchanges, and marketing agencies that we engage for promotional, advertising and printing of brochure services.

Lawfulness – YES

Consent required – YES

Regulators and law enforcement agencies. We may disclose your Personal Information to regulators and other bodies in order to comply with any applicable law or regulation, to comply with or respond to a legal process or law enforcement or governmental request. Lawfulness – YES

Consent required – NO

Other Disclosures. We may disclose your Personal Information to third parties as part of our commercial activities, or if we reasonably believe that disclosure of such information is necessary to enforce our terms and conditions or other rights (including investigations of potential violations of our rights), to detect, prevent, or address fraud or security issues, or to protect against harm to the rights, property, or safety of CAPE HEARING AIDS , our employees, its directors, trustees, executives, shareholders or stakeholders, or the public.

Lawfulness – YES

Consent required – NO

Merger, Sale, or Change of Control. We may share your Personal Information to a third-party entity as part of a merger, acquisition, sale, or other change of control activity. Lawfulness – YES

Consent required – YES

– 6 –

SECURITY OF INFORMATION

7.1 The security of your Personal Information is important to us. Taking into account the nature, scope, context, and purposes of processing Personal Information, as well as the risks to individuals of varying likelihood and severity, we have implemented technical and organizational measures designed to protect the security of Personal Information. In this regard we will conduct regular audits regarding the safety and the security of your Personal Information.

7.2 Your Personal Information will be stored electronically and in some cases in hard copy in files and records, which information, for operational reasons, will be accessible to and/or provided to persons employed or contracted by us on a need to know basis.

7.3 Once your Personal Information is no longer required, such Personal Information will be retained in accordance with our CAPE HEARING AIDS records retention schedule, which varies depending on the type of processing, the purpose for such processing, the business function, record classes, and record types. We calculate retention periods based upon and reserve the right to retain Personal Information for the periods that the Personal Information is needed to: (a) fulfil the purposes described in this Processing Notice, (b) meet the timelines determined or recommended by regulators, professional bodies, or associations, (c) comply with applicable laws, legal holds, and other legal obligations (including contractual obligations), and (d) comply with your requests.

7.4 Notwithstanding clause 7 and 8, please note that no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, while we strive to use commercially acceptable measures designed to protect Personal Information, we cannot guarantee its absolute security.

ACCESS BY OTHERS AND CROSS BORDER TRANSFER

8.1 CAPE HEARING AIDS may from time to time have to disclose your Personal Information to other parties, including CAPE HEARING AIDS subsidiaries, trading partners, agents, auditors, organs of state, regulatory bodies and/or national governmental, provincial, or local government municipal officials, or trading parties or agents, but such disclosure will always be subject to an agreement which will be concluded as between ourselves and the party to whom we are disclosing your Personal Information to, which contractually obliges the recipient of your Personal Information to comply with strict confidentiality and data security conditions.

8.2 Where your Personal Information is transferred to a country which is situated outside South Africa, your Personal Information will only be transferred to those countries which have similar data privacy laws in place or where the recipient of the Personal Information

concludes an agreement which contractually obliges the recipient to comply with strict confidentiality and data security conditions and which conditions in particular will be to a no lesser set of standards than those imposed by POPIA.

– 7 –

YOUR RIGHTS

9.1 You as a Data Subject have certain rights, which are detailed below: • The right of access – You may ask CAPE HEARING AIDS (free of charge) to confirm that we hold your Personal Information, or ask us to provide you with details, (at a fee) on how we have processed your Personal Information, which request must be done by following the process set out under the CAPE HEARING AIDS PAIA Manual. • The right to rectification – You have the right to ask us to update or rectify any inaccurate Personal Information which we hold of yours, which can be done by accessing the update / rectification request. • The right to object to and restrict further processing – Where we do not need your consent to process your Personal Information, but you are not in agreement with such processing, you may lodge an objection to such processing by accessing the objection request. • The right to withdraw consent – Where you have provided us with consent to process your Personal Information, you have to right to subsequently withdraw your consent, which can be done by accessing the withdrawal of consent request.

9.2 These rights may be exercised by using the relevant forms housed on the CAPE HEARING AIDS website at: https://capehearingaids.co.za.legal-notices.

CHANGES TO THIS PRIVACY STATEMENT

10.1 As CAPE HEARING AIDS changes over time, this Processing Notice is expected to change as well.

10.2 CAPE HEARING AIDS reserves the right to amend the Processing Notice at any time, for any reason, and without notice to you other than the posting of the updated Processing Notice on the CAPE HEARING AIDS Website.

10.3 We therefore request that you to visit our Website frequently in order to keep abreast with any changes.

PROCESSING OTHER PERSONS PERSONAL INFORMATION

11.1 If you process another’s Personal Information on CAPE HEARING AIDS ’s behalf, or which we provide to you in order to perform your contractual or legal obligations or to protect any legitimate interest, you will

if you are processing such Personal Information as our Operator as defined under POPIA, process all and any such Personal Information in compliance with the obligations set out under our standard “Operator Agreement” housed on our website; or
where not acting as an Operator, nonetheless keep such information confidential and secure as per POPIA and you will not, unless authorized to do so, process, publish, make accessible, or use in any other way such CAPE HEARING AIDS CO-SEC PROCESSING NOTICE 2021 Page 12 Personal Information unless in the course and scope of your duties, and only for the purpose for which the information has been received and granted to you, and related to the duties assigned to you.

– 8 –

COMPLAINTS OR QUERIES – CONTACT US

12.1 Any comments, questions or suggestions about this Processing Notice or our handling of your Personal Information should be emailed to our Information or Deputy Information officers at the details below.

CAPE HEARING AIDS

Information Officer

Deputy Information

Officer(s)

Shop 57A Gardens Centre, Mill St, Oranjezicht, Cape Town, 8001

Karin Jeanne Barrow

karin@7kn.184.myftpupload.com 021 434 5601

Sue Maree

sue@7kn.184.myftpupload.com 021 434 5601

12.2 Should you wish to discuss a complaint, please feel free to contact us using the details provided above. All complaints will be treated in a confidential manner.

12.3 Our offices are open 9:00 am – 4.00 pm GMT, Monday to Friday.

12.4 Should you feel unsatisfied with our handling of your Personal Information, or about any complaint that you have made to us, you are entitled to escalate your complaint to the South African, Information Regulator who can be contacted at

https://www.justice.gov.za/inforeg/

ACCEPTANCE AND BINDING NATURE OF THIS DOCUMENT

13.1 By providing CAPE HEARING AIDS with the Personal Information which we require from you as listed under this Processing Notice:

you acknowledge that you understand why your Personal Information needs to be processed; • you accept the terms which will apply to such processing, including the terms applicable to the transfer of such Personal Information cross border;
where consent is required for any processing as reflected in this Processing notice, you agree that we may process this particular Personal Information.

13.2 Where you provide us with another person’s Personal Information for processing, you confirm that that you have obtained the required permission from such person(s) to provide us with their Personal Information for processing.

13.3 The rights and obligations of the parties under this Processing Notice will be binding on, and will be of benefit to, each of the parties’ successors in title and/or assigns where applicable.

13.4 Should any of the Personal Information concern or pertain to a legal entity whom you represent, you confirm that you have the necessary authority to act on behalf of such legal entity and that you have the right to provide the Personal Information and/or the required permissions in respect of the processing of that Organization or entities’ Personal

Information.

2. DATA COLLECTED

DATA STORAGE LOCATION

We are Cyprus based company and operate web servers hosted in Germany. Our hosting provider Hetzner Online GmbH adheres to the EU/US “Privacy Shield”, ensuring that your data is securely stored and GDPR compliant. For more information on Hetzner Online GmbH privacy policy, please see here: Hetzner Data Privacy Policy.

REGISTRATION DATA

If you register on our website, we store your chosen username and your email address and any additional personal information added to your user profile. You can see, edit, or delete your personal information at any time (except changing your username). Website administrators can also see and edit this information.

PURCHASE DATA

To receive product support, you have to have one or more Envato/AncoraThemes purchase codes on our website. These purchase codes will be stored together with support expiration dates and your user data. This is required for us to provide you with downloads, product support and other customer services.

SUPPORT DATA

If you have registered on our website and have a valid support account, you can submit support tickets for assistance. Support form submissions are sent to our third party Ticksy ticketing system. Only the data you explicitly provided is sent, and you are asked for consent, each time you want to create a new support ticket. Ticksy adheres to the EU/US “Privacy Shield” and you can see their privacy policy here: Ticksy Privacy Policy.

COMMENTS

When you leave comments on the website we collect the data shown in the comments form, and also the IP address and browser user agent string to help spam detection.

CONTACT FORM

Information submitted through the contact form on our site is sent to our company email, hosted by Zoho. Zoho adheres to the EU/US “Privacy Shield” policy and you can find more information about this here: Zoho Privacy Policy.

These submissions are only kept for customer service purposes they are never used for marketing purposes or shared with third parties.

GOOGLE ANALYTICS

We use Google Analytics on our site for anonymous reporting of site usage. So, no personalized data is stored. If you would like to opt-out of Google Analytics monitoring your behavior on our website please use this link: Google Analytics Opt-out.

CASES FOR USING THE PERSONAL DATA

We use your personal information in the following cases:

Verification/identification of the user during website usage;
Providing Technical Assistance;
Sending updates to our users with important information to inform about news/changes;
Checking the accounts’ activity in order to prevent fraudulent transactions and ensure the security
over our customers’ personal information;
Customize the website to make your experience more personal and engaging;
Guarantee overall performance and administrative functions run smoothly.

3. EMBEDDED CONTENT

Pages on this site may include embedded content, like YouTube videos, for example. Embedded content from other websites behaves in the exact same way as if you visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged-in to that website. Below you can find a list of the services we use:

FACEBOOK

The Facebook page plugin is used to display our Facebook timeline on our site. Facebook has its own cookie and privacy policies over which we have no control. There is no installation of cookies from Facebook and your IP is not sent to a Facebook server until you consent to it. See their privacy policy here: Facebook Privacy Policy .

TWITTER

We use the Twitter API to display our tweets timeline on our site. Twitter has its own cookie and privacy policies over which we have no control. Your IP is not sent to a Twitter server until you consent to it. See their privacy policy here: Twitter Privacy Policy .

YOUTUBE

We use YouTube videos embedded on our site. YouTube has its own cookie and privacy policies over which we have no control. There is no installation of cookies from YouTube and your IP is not sent to a YouTube server until you consent to it. See their privacy policy here: YouTube Privacy Policy.

4. COOKIES

This site uses cookies – small text files that are placed on your machine to help the site provide a better user experience. In general, cookies are used to retain user preferences, store information for things like shopping carts, and provide anonymized tracking data to third party applications like Google Analytics. Cookies generally exist to make your browsing experience better. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the help section of your browser.

NECESSARY COOKIES (ALL SITE VISITORS)

cfduid: Is used for our CDN CloudFlare to identify individual clients behind a shared IP address and apply security settings on a per-client basis. See more information on privacy here: CloudFlare Privacy Policy.
PHPSESSID: To identify your unique session on the website.

NECESSARY COOKIES (ADDITIONAL FOR LOGGED IN CUSTOMERS)

wp-auth: Used by WordPress to authenticate logged-in visitors, password authentication and user verification.
wordpress_logged_in_{hash}: Used by WordPress to authenticate logged-in visitors, password authentication and user verification.
wordpress_test_cookie Used by WordPress to ensure cookies are working correctly.
wp-settings-[UID]: WordPress sets a few wp-settings-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface.
wp-settings-[UID]:WordPress also sets a few wp-settings-{time}-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface.

5. WHO HAS ACCESS TO YOUR DATA

If you are not a registered client for our site, there is no personal information we can retain or view regarding yourself.

If you are a client with a registered account, your personal information can be accessed by:

Our system administrators.
Our supporters when they (in order to provide support) need to get the information about the client accounts and access.

6. THIRD PARTY ACCESS TO YOUR DATA

We don’t share your data with third-parties in a way as to reveal any of your personal information like email, name, etc. The only exceptions to that rule are for partners we have to share limited data with in order to provide the services you expect from us. Please see below:

ENVATO PTY LTD

For the purpose of validating and getting your purchase information regarding licenses for the Avada theme, we send your provided tokens and purchase keys to Envato Pty Ltd and use the response from their API to register your validated support data. See the Envato privacy policy here: Envato Privacy Policy.

TICKSY

Ticksy provides the support ticketing platform we use to handle support requests. The data they receive is limited to the data you explicitly provide and consent to being set when you create a support ticket. Ticksy adheres to the EU/US “Privacy Shield” and you can see their privacy policy here: Ticksy Privacy Policy.

7. HOW LONG WE RETAIN YOUR DATA

When you submit a support ticket or a comment, its metadata is retained until (if) you tell us to remove it. We use this data so that we can recognize you and approve your comments automatically instead of holding them for moderation.

If you register on our website, we also store the personal information you provide in your user profile. You can see, edit, or delete your personal information at any time (except changing your username). Website administrators can also see and edit that information.

8. SECURITY MEASURES

We use the SSL/HTTPS protocol throughout our site. This encrypts our user communications with the servers so that personal identifiable information is not captured/hijacked by third parties without authorization.

In case of a data breach, system administrators will immediately take all needed steps to ensure system integrity, will contact affected users and will attempt to reset passwords if needed.

9. YOUR DATA RIGHTS

GENERAL RIGHTS

If you have a registered account on this website or have left comments, you can request an exported file of the personal data we retain, including any additional data you have provided to us.

You can also request that we erase any of the personal data we have stored. This does not include any data we are obliged to keep for administrative, legal, or security purposes. In short, we cannot erase data that is vital to you being an active customer (i.e. basic account information like an email address).

If you wish that all of your data is erased, we will no longer be able to offer any support or other product-related services to you.

GDPR RIGHTS

Your privacy is critically important to us. Going forward with the GDPR we aim to support the GDPR standard. AncoraThemes permits residents of the European Union to use its Service. Therefore, it is the intent of AncoraThemes to comply with the European General Data Protection Regulation. For more details please see here: EU GDPR Information Portal.

10. THIRD PARTY WEBSITES

AncoraThemes may post links to third party websites on this website. These third party websites are not screened for privacy or security compliance by AncoraThemes, and you release us from any liability for the conduct of these third party websites.

All social media sharing links, either displayed as text links or social media icons do not connect you to any of the associated third parties, unless you explicitly click on them.

Please be aware that this Privacy Policy, and any other policies in place, in addition to any amendments, does not create rights enforceable by third parties or require disclosure of any personal information relating to members of the Service or Site. AncoraThemes bears no responsibility for the information collected or used by any advertiser or third party website. Please review the privacy policy and terms of service for each site you visit through third party links.

11. RELEASE OF YOUR DATA FOR LEGAL PURPOSES

At times it may become necessary or desirable to AncoraThemes, for legal purposes, to release your information in response to a request from a government agency or a private litigant. You agree that we may disclose your information to a third party where we believe, in good faith, that it is desirable to do so for the purposes of a civil action, criminal investigation, or other legal matter. In the event that we receive a subpoena affecting your privacy, we may elect to notify you to give you an opportunity to file a motion to quash the subpoena, or we may attempt to quash it ourselves, but we are not obligated to do either. We may also proactively report you, and release your information to, third parties where we believe that it is prudent to do so for legal reasons, such as our belief that you have engaged in fraudulent activities. You release us from any damages that may arise from or relate to the release of your information to a request from law enforcement agencies or private litigants.

Any passing on of personal data for legal purposes will only be done in compliance with laws of the country you reside in.

12. AMENDMENTS

We may amend this Privacy Policy from time to time. When we amend this Privacy Policy, we will update this page accordingly and require you to accept the amendments in order to be permitted to continue using our services.